APxxxx, RFSxxxx, WSxxxx, CBxxxx (existing and legacy) – NOT vulnerable, as they don’t have bash at all.

NXxxxx and VXxxxx – KIND OF. They have unpatched bash, but it’s not exposed through any APIs/UIs unless you already somehow get the shell (which defeats the purpose of this vulnerability). Nevertheless, “Never say never” and a patch will be released in due time just to be sure, but there’s no rush.